API: Check for authentication manual api manual zettelstore zmk 00001012000000 00001012080100 00001012000000 00001012080100 1 (c) 2020-present by Detlef Stern 20220103224858 00001010040100 00001012050200 00001012920000 en EUPL-1.2-or-later 20220908163156 20220908163156 public API clients typically wants to know, whether authentication is enabled or not. If authentication is enabled, they present some form of user interface to get user name and password for the actual authentication. Then they try to obtain an access token. If authentication is disabled, these steps are not needed. To check for enabled authentication, you must send a HTTP POST request to the endpoint /x and you must specify the query parameter cmd=authenticated. # curl -X POST 'http://127.0.0.1:23123/x?cmd=authenticated' If authentication is not enabled, you will get a HTTP status code 200 (OK) with an empty HTTP body. Otherwise, authentication is enabled. If you provide a valid access token, you will receive a HTTP status code 204 (No Content) with an empty HTTP body. If you did not provide a valid access token (with is the typical case), you will get a HTTP status code 401 (Unauthorized), again with an empty HTTP body. HTTP Status codes 200 Authentication is disabled. 204 Authentication is enabled and a valid access token was provided. 400 Request was not valid. There are several reasons for this. Most likely, no query parameter cmd was given, or it did not contain the value authenticate. 401 Authentication is enabled and not valid access token was provided.